<?php 
require_once ("../dbcon.php");
if($_POST){  // 点登陆按钮后，跳转到本页面，这个提交，post
    $email = $_POST['email'];
    $password = $_POST['password'];
    if (empty($_POST['email']) || empty($_POST['password'])) {
        // 没有完整填写表单，定义一个变量存放错误消息，在渲染 HTML 时显示到页面上
        $message = '请完整填写表单';
    }else {
        $sql = "
           select id,slug,email,status from users 
           where email=:email and password=:password
           and status='activated'
            ";

        $stmt = $db->prepare($sql);   //$conn
        $stmt->bindParam(':email',$email,PDO::PARAM_STR);
        $stmt->bindParam(':password',$password,PDO::PARAM_STR);
        // var_dump($stmt);
        if($stmt->execute()){
            $row = $stmt->fetch(PDO::FETCH_ASSOC);
            if($row!==false){
                // 正确，保存用户登录信息状态，session
                // 跳转到后台首页面
                session_start();
                $_SESSION['uid'] = $row['id'];
                $_SESSION['email'] = $row['email'];
                header("Location: index.php");
                exit;

            }else{
                $message="账号或密码错误";
            }
        }else {
            $message = "数据库错误";
        }
        
    }  
    // echo "<pre>";
    // var_dump($row);
    // exit();
}
// var_dump("msg:".$message);
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
  <meta charset="utf-8">
  <title>Sign in &laquo; Admin</title>
  <link rel="stylesheet" href="../static/assets/vendors/bootstrap/css/bootstrap.css">
  <link rel="stylesheet" href="../static/assets/css/admin.css">
</head>
<body>
  <div class="login">
    <form class="login-wrap" action="" method="post">
      <img class="avatar" src="../static/assets/img/default.png">
      <?php if(isset($message)) : ?>
      <!-- 有错误信息时展示 -->
        <div class="alert alert-danger">
          <strong>错误！</strong> <?=$message; ?>
        </div>
      <?php endif; ?>
      <div class="form-group">
        <label for="email" class="sr-only">邮箱</label>
        <input id="email" type="email" name="email" class="form-control" placeholder="邮箱" autofocus
              value="<?php echo isset($_POST['email']) ? $_POST['email'] : ''; ?>" 
        >
      </div>
      <div class="form-group">
        <label for="password" class="sr-only">密码</label>
        <input id="password" type="password" name="password" class="form-control" placeholder="密码">
      </div>
      <input type="submit" value="登 录" class="btn btn-primary btn-block" />
      <!-- <a class="btn btn-primary btn-block" href="index.html">登 录</a> -->
    </form>
  </div>
</body>
</html>
